Skip to main content

Amazon S3

Files.com's integration with Amazon S3 allows you to integrate with files on a Amazon S3 bucket in several different ways.

Files.com's Remote Server Mount feature gives you the ability connect a specific folder on Files.com to the remote server in a real time manner.

That folder then becomes a client, or window, accessing the files stored in your remote server or cloud.

Once you configure a Mount, any operation you perform on or inside that folder will act directly on the remote in real time. Whether you are dropping a file into that folder, deleting a file, creating a subfolder, or performing any other file/folder operations your Files.com user has permissions for, those operations will "pass through" to the remote in real time.

This powerful feature enables a wide variety of use cases such as accessing files on a counterparty (client or vendor)'s cloud without provisioning individual access to individual users, reducing storage costs by leveraging on-premise or bulk storage solutions, enabling applications to access 3rd party clouds via Files.com API, FTP, SFTP, or Files.com Apps and many more

Alternatively, Files.com's Remote Server Sync feature give you the ability to push or pull files to or from remote servers. This means that the files will exist in both places at the end of the sync process.

A remote sync can be a "push", where files from your Files.com site are transferred to the remote server, a "pull" where files are transferred from the remote server to your Files.com site, or a two-way "sync" where files that are new or changed in either location are pushed and pulled to maintain a synchronized state between the folder on your Files.com site and that on the remote server.

Add Amazon S3 as a Remote Server

Add a new Remote Server to your site, and select Amazon S3 as the server type.

You must provide an Internal name for this connection. If you're managing multiple remote servers, make the name clear enough to easily identify this particular connection.

The Region and Bucket are required, because they define which bucket Files.com will connect to, and the Authentication Information contains the credentials Files.com will use for connecting to AWS.

Region and Bucket

Files.com supports connecting to S3 buckets in many regions, even regions where Files.com itself doesn't have an AWS presence. This includes Govcloud. We are happy to expand our list of supported regions; please contact us if you have a need to access a region you don't see listed.

Files.com requires full access to the Bucket being used, so we recommend creating a bucket for the exclusive use of Files.com.

AWS Region

The AWS Region Code of your S3 bucket name can be found by using the get-bucket-locationExternal LinkThis link leads to an external website and will open in a new tab command of the AWS CLI tool. You can cross-reference the region code and region name using Amazon's online documentationExternal LinkThis link leads to an external website and will open in a new tab.

Bucket Name

Your Amazon S3 bucket name can be found in the Amazon AWS Console, within the Amazon S3 sectionExternal LinkThis link leads to an external website and will open in a new tab, under the Buckets list.

Authentication Information

Files.com uses an Access Key and Secret Key to authenticate requests, following the protocol established by AWS for S3. You will use AWS IAM to create an IAM user for Files.com.

After generating the IAM User, copy its Access Key and Secret Key to Files.com.

You will also need to apply a policy to the IAM user to grant it full permissions to the bucket being used.

Below is an example S3 user policy (replace <bucketname> with your bucket name):

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect":"Allow",
         "Action": "s3:*",
         "Resource": [
           "arn:aws:s3:::<bucketname>",
           "arn:aws:s3:::<bucketname>/*"
         ]
      }
   ]
}

Read-Only Permission

Access to the S3 bucket is determined by the policies and permissions in Amazon S3External LinkThis link leads to an external website and will open in a new tab.

If your S3 bucket is read-only, or you wish Files.com to be restricted to read-only permissions, then configure the S3 user policy (replace <bucketname> with your bucket name) as below:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
           "s3:GetObject",
           "s3:ListBucket",
           "s3:GetBucketLocation"
         ],
         "Resource": [
           "arn:aws:s3:::<bucketname>",
           "arn:aws:s3:::<bucketname>/path/to/subfolder/*"
         ]
      }
   ]
}

Subfolder-Only Permission

If your S3 user policy does not have access to the entire bucket, or is restricted to specific subfolders only, then verification of access to the bucket may fail when testing credentials.

Use the advanced setting for Can these credentials access the root of this remote or are they restricted to a subfolder? to specify a subfolder that can be used to verify access when testing your credentials.

Previous Limitations

Files.com's integration with Amazon S3 previously failed to support S3 buckets that use S3's "Object Lock" features, which includes S3's Legal Hold feature. As of March 2022, this feature is now supported.

Add Remote Server Mount

Remote Server Mounts are created by mounting them onto an empty folder in Files.com. This folder should not be the Root of your site, although that is supported if you need it.

Add Remote Server Sync

After creating the Amazon S3 Remote Server, you can use it to perform Remote Syncs between your bucket and Files.com.

Re-authenticating

Certain remotes that use OAuth for authentication may require regular rotation of your credentials. When this is needed, you will see an alert in the top left of the web interface. You can click the link in that alert to re-authenticate and re-establish the connection to the remote.

Empty Folders/Directories

Amazon S3 object storage is not a hierarchical file system and does not use directories (folders) to organize files. Files and data are stored in objects but are presented in the illusion of a hierarchical file system.

This becomes most apparent when creating, syncing, or uploading an empty folder to Amazon S3 storage.

Amazon S3 storage will represent an empty folder as a zero-byte object of the same name. The zero-byte object will be presented as a zero-byte file.

Amazon S3 will manage these zero-byte objects, and their corresponding empty folders, itself. However these zero-byte objects may present themselves to other programs, applications, and services that use the S3 bucket. They should be considered a "normal" side effect of using S3 object storage.

Files.com follows the same conventions used by other software to emulate folders on these non-hierarchical file systems. We aim to interoperate using as many reasonable conventions, standards, and best practices, as possible.

Troubleshooting

Generally speaking, most issues are caused by incorrectly entering a configuration item. Make sure that there are no typos and that you are specifying the correct bucket name, region and keys.

If you specify a region that does not match where the bucket or keys exist then you may see an error such as:

The bucket you are attempting to access must be addressed using the specified endpoint.

Make sure that you choose the correct AWS region that corresponds to the location of the bucket and keys.

Be aware of case sensitivity differences when copying, moving, or syncing files and folders between Amazon S3 and other storage locations. Amazon S3 is a case sensitive system whereas other systems are not. This can cause files to be overwritten, and folders to have their contents merged, if their case insensitive names are a match.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.